Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How Prosecutors Wiretap Wall Street
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Fri, 06 Nov 2009 13:25:43 -0600

--On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks () vt edu wrote:

On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said:
Getting back on topic, it is well-known, and proven, that the NSA has
surveillence facilities inside  several U.S. telecom carriers.  You need
only look inside one of AT&T's PoPs in San Francisco for proof.


You know this to be true because you've looked for yourself, right?  You
didn't just take the world of a complete stranger quoted by a compliant
press at face value, did you?

Hey Paul: Thanks for this enlightening point.  I've just realized that
Mt Everest doesn't exist either, and we've all been taking the word of
complete strangers quoted by a compliant National Geographic. All those
pics are 'shopped, you can tell by the pixels.

C'Mon Paul, quit being a total intentionally blind asshole.  You presumably
know how things like BGP and packet forwarding work, and there's nice maps
of most of the sub-ocean fiberoptic cables. Using a minute's *thought* would
show that if the NSA wanted to do *any* surveillance in a reasonably
efficient manner, they *would* have to create surveillance facilities at
the major peering points and exchanges.

You know how traceroute works.  The locations of all the trans-oceanic
fiber cables are *very* well documented (they have to be, it sucks if you
lose your cable because a trawler didn't know it was there).  From that,
it's pretty easy to figure out where you want to put your intercept
facilities.

So you're stuck with one of two choices:

1) Believe that the NSA in fact didn't do any hoovering of transmissions even
though they've come out and said they did.

2) Admit that they would indeed need a room right near the ATT PoP in SF
right where the whistleblower said it was.

And of course Congress knew nothing about it, even though they had been
briefed about it dozens of times and never raised a single objection.
...
The fact that you believe that only those who violate their oath of office
are honest and only those who never violate their oath of office are
dishonest blinds you to the possibility that the truth lies somewhere in
between.

You appear to be similarly blinded to the possibility that perhaps, just
perhaps, the people in Congress had been... *gasp* lied to and the program
misrepresented.  Because those fine upstanding guys at the intelligence
and defense agencies would *never* do a thing like that, just like they
were all telling the truth back in 1969 and everything that Daniel Ellsberg
said was a lie.

Oh, and they didn't actually illegally wiretap Ellserg during his trial, so
there's no reason the judge should have dismissed all the charges.

Which is a more sensible approach - to question and worry about the
governments actual intentions *this* time (even though they may be innocent
*this* time) because they've done similar major-scale shit multiple times in
your lifetime, or to blindly accept what they say this time, even though
they've pulled similar shit multiple times in your memory?

"Fool me once, shame on you.  Fool me twice, shame on me".

The root claim is that the NSA was/is conducting illegal, warrantless 
surveillance on American citizens.  That claim has never been substantiated, 
and that is precisely my point.  If you know anything about internet routing 
(and I know you do), then you understand that to capture the traffic of 
terrorists you would have to be at a peering location where traffic is 
aggregated.

As I stated in an earlier response, it's akin to the bogus concern that many 
people express about system admins.  Gee, they can see everything I've got. 
Which is true, but beside the point.  The real question is, do they want to and 
are there safeguards against abuse.  I'm pretty certain the NSA has their hands 
full just trying to keep up with and track real threats.  I seriously doubt 
they give a shit about a phone conversation you have with your girlfriend where 
you discuss your sex life.

Now, if you are talking to jihadist radicals, then you shouldn't be surprised 
if the NSA takes an interest.  But snooping on ordinary Americans' every day 
conversations?  Please!  Do you seriously think they have the time, much less 
the interest?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]